CheckBasicAuth validates credentials provided in request if httpAuth.* flags are set returns true if credentials are valid or httpAuth.* flags are not set
(w http.ResponseWriter, r *http.Request)
| 483 | // CheckBasicAuth validates credentials provided in request if httpAuth.* flags are set |
| 484 | // returns true if credentials are valid or httpAuth.* flags are not set |
| 485 | func CheckBasicAuth(w http.ResponseWriter, r *http.Request) bool { |
| 486 | if len(*httpAuthUsername) == 0 { |
| 487 | // HTTP Basic Auth is disabled. |
| 488 | return true |
| 489 | } |
| 490 | username, password, ok := r.BasicAuth() |
| 491 | if ok { |
| 492 | if username == *httpAuthUsername && password == httpAuthPassword.Get() { |
| 493 | return true |
| 494 | } |
| 495 | authBasicRequestErrors.Inc() |
| 496 | } |
| 497 | |
| 498 | w.Header().Set("WWW-Authenticate", `Basic realm="VictoriaMetrics"`) |
| 499 | http.Error(w, "", http.StatusUnauthorized) |
| 500 | return false |
| 501 | } |
| 502 | |
| 503 | // EnableCORS enables https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS |
| 504 | // on the response. |
searching dependent graphs…